Cloud Security Test Review Question
What does multitenancy mean?
multiple users for the same cloud One server with multiple customers or applications
Why is PaaS an excellent solution for development purposes? a. It is faster than DRaaS b. It acts as a failover system c. It can host a vm d. No need to do maintenance
D
When should we build a closed virtual appliance? A. When customization should be unavailable. B. When the OS, updates, and customizations are required. C. When it is to be distributed across the entire organization.
A
The cloud's infrastructure must be secure. Who is responsible for securing the cloud's physical infrastructure? A. The cloud provider B. The cloud client C. The user who accesses the Internet D. Clients who use on-premises services
A
What is the main purpose of cloud services? A. Remote hosting of services with self-service interfaces B. Increase computing capabilities C. Secure access to the internet D. Provide access to the Internet
A
What tool was used to look at vulnerabilities?
AWS Inspector
What is required to build and run different containers? A. Any Hypervisor is suitable B. A container agent environment C. Only the Linux and Windows OSs D. Containers can run only on AWS
B
What is the purpose of AWS security groups? A. To separate users into groups B. To configure network access control for AWS instances C. To create multiple users for a single AWS account D. To block RDP connections to EC2 instances
B
What is virtualization? A. A pseudo approach to computer systems. B. The ability to create logical computer resources. C. Separation between software and hardware. D. The ability to store information online
B
Which of the following is a benefit of using SECaaS? A. It is a more transparent way to manage information security in an organizational environment B. There is no need to maintain a security testing team on a regular basis C. It provides better storage options than other solutions D. It has the best professionals available compared with other options
B
Which of the following is not a method of securing data in the cloud? A. Using cloud access security broker B. Preventing remote access C. Setting up a DLP system D. Using URL filtering
B
While expanding the company, the CTO decided to implement cloud computing. What could be the main purpose of his decision? A. Providing access to the internet B. Hosting services off-premises C. Increasing computing capabilities D. Securing access to the internet
B
Why should access management be enforced in cloud environments? A. To allow logins from different geographical locations and networks B. To allow or restrict users from accessing resources C. To allow or restrict logins to the account D. To manage multiple groups simultaneously
B
What is a type 2 hypervisor? a. A bare-metal hypervisor. b. A hypervisor that runs directly on hardware. c. A hypervisor that runs as an application on a host's OS.
C
What is the meaning of performing something off-premises? a. Performing it with a serverless service b. Performing it in a secure way. c. Performing it at a service provider's site.
C
What is the purpose of a software-defined perimeter? a. To create a software-defined network for maximum control and security. b. To authenticate access to applications on-premises. c. Separation between applications and authentication processes.
C
Which of the following is a primary reason why the cloud is considered a great solution? A. Ownership and remote location B. Server location and platform maintenance C. Scalability and flexibility D. Sociability and location
C
Closed vs open virtual appliances
Closed: Cannot be customized Open: Can be customized
What is CASB
Cloud access security broker Used as a reverse proxy. Nd it monitors all data
John wants to create a resource in the cloud to provide the ability to fully control the OS, and all of its configurations and data, but not the physical infrastructure. Which of the following service models should he use? A. SaaS B. DRaaS C. PaaS D. IaaS
D
What feature did we use to control access to the AWS
Group Policy
Software defined perimeter pillars are
Identy centric Zero Trust - cant just log in, need something like two factor Purpose field of the cloud
What is the main purpose of cloud computing?
It's self service interface for managing your work Remote resources that are available almost anywhere
Types of clouds
Public (Like ), Private (google) & hybrid ()
SaaS
Software as a service Multi-tenant by nature Is the least amount of customer accountability
Software to find networking
Softwares controlling how we configure our network
Type 1 vs Type 2 hypervisors
Type 1: Does not need OS. Will run straight on Machine (AKA its bare metal) Type 2: runs on OS
What is the primary concern of the security of the cloud?
We are mainly defending against data breaches
what other concerns would we have when converting to a cloud?
Your licensing will follow you no matter what you do.
What is Cloud Computing and what are some benefits
cloud computing = services on the internet; beenfits = reduce cost, scalability benefits: quick start up and scalability
What is the purpose of multi-tenancy
shared resources between multiple clients